Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 837
  • Last Modified:

Migrated Exchange 2007 to Exchange 2010 unable to connect mobile devices with SSL cert

We just migrated Exchange 2007 to 2010 and mail is working however the rekeyed SSL cert is not allowing for us to log into OWA without certificate error or use mobile devices which require SSL.

Please advice on best course of action.
0
manelson05
Asked:
manelson05
  • 6
  • 6
3 Solutions
 
Suliman Abu KharroubIT Consultant Commented:
From EMC, server config, server certificates ,,, make to assign the correct certificate to exchange services.

also  from the browser click on the certificate ro view it,, does it th correct one ?
0
 
manelson05Author Commented:
The error appears to be in Active Sync The Remote connectivity analyser  passes everything until it tries to connect to our domain (https:\\webmail.domain.com)
0
 
Suliman Abu KharroubIT Consultant Commented:
whats the error message you get from https://www.testexchangeconnectivity.com/ ?
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
manelson05Author Commented:
I had to go home I worekd from 7am to 12am.
I just tested this fromhome for activesync, here is the error.

I am able to access OWA from offsite location but cannot authenticate.

      
      Test Steps
       
      Attempting to test potential Autodiscover URL https://milsysgroup.com/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
       
      Test Steps
       
      Attempting to resolve the host name milsysgroup.com in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host milsysgroup.com to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      ExRCA is attempting to obtain the SSL certificate from remote server milsysgroup.com on port 443.
       ExRCA wasn't able to obtain the remote SSL certificate.
       
      Additional Details
       The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
      Attempting to test potential Autodiscover URL https://autodiscover.milsysgroup.com/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
       
      Test Steps
       
      Attempting to resolve the host name autodiscover.milsysgroup.com in DNS.
       The host name couldn't be resolved.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host autodiscover.milsysgroup.com couldn't be resolved in DNS InfoDomainNonexistent.
      Attempting to contact the Autodiscover service using the HTTP redirect method.
       The attempt to contact Autodiscover using the HTTP Redirect method failed.
       
      Test Steps
       
      Attempting to resolve the host name autodiscover.milsysgroup.com in DNS.
       The host name couldn't be resolved.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host autodiscover.milsysgroup.com couldn't be resolved in DNS InfoDomainNonexistent.
      Attempting to contact the Autodiscover service using the DNS SRV redirect method.
       ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
       
      Test Steps
       
      Attempting to locate SRV record _autodiscover._tcp.milsysgroup.com in DNS.
       The Autodiscover SRV record wasn't found in DNS.
        Tell me more about this issue and how to resolve it
0
 
Suliman Abu KharroubIT Consultant Commented:
From RMC, server config--> client access. check the internl and external url for owa, active sync and ECP.
0
 
manelson05Author Commented:
I am heading to work will update in 25 minutes, will you still beonline?
0
 
Suliman Abu KharroubIT Consultant Commented:
Yes i will :)
0
 
manelson05Author Commented:
internal and external as follows

Internal https:\\servername.domain.com\owa
external https:\\webmail.domain.com
0
 
Suliman Abu KharroubIT Consultant Commented:
For what ? active sync?

then do you use http://webmail.domain.com to access owa externally ?
0
 
manelson05Author Commented:
I rekeyed cert, changed user permissions, users cannot be domain admins OU, then created additioanl dns entries for autodiscover.

Sulimanw, thank you sir!
0
 
manelson05Author Commented:
SULIMANW = Professor
You did not give me answer you taught me through discovery and knowledge.

Merci, salam


Mark
0
 
Suliman Abu KharroubIT Consultant Commented:
You are most welcome :)

Thanks for points.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

  • 6
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now